Issues

Support applying permissions to groups as well as users

In the permissions form for a repository, you should be able to specify permissions either to individual users (which is already supported) or groups. These permissions should be additive, meaning that a user is granted the highest level of permission that is applicable to them, regardless of whether it came from a group or individual permission assignment.

It may be useful to store user and group permission assignments separately to support users and groups with the same name. For example, in some cases it might be desirable to have both a QA user and a QA group.

Example:
Users bob belongs to group Dev and Product1
Users steve belongs to group Dev and Product1
User jane belongs to group QA and Product1
User jill belongs to group QA